Re: We need a court action
Re-use should be expected.
My password manager shows ~802 passwords currently stored, with various sites having various rules about length, formation etc so horse-battery-staple won't work nor do I (nor most people) have photographic memories.
I think one of the problems is the number of places that force you to make an account when you shouldn't really need to before you can do anything. I've got usernames and passwords on theatre sites that I've visited only once because I couldn't buy tickets without registering (what's wrong with just saying here's my credit card, give me my tickets?*), and yesterday I missed a package from a well known delivery company - could I find anywhere on their website to reschedule the delivery? Not until I'd made an account with them!
There must be millions of user accounts floating around with names and passwords that have been used exactly once and subsequently been forgotten about - it's not surprising people can't be arsed to think up a new password every time.
* Of course, what's 'wrong' is that if you did that then they couldn't then spam you forever with marketing!